What To Do If Your Business Has Been Hacked

With cyber crime rapidly on the rise, we share what to do if your business falls victim to a cyber attack with expert advice from Anthony Green – CTO & cyber crime expert at FoxTech.


Don’t shut down your system

This is a typical panic response, and it might be tempting to shut everything down. Unfortunately, if an attack is underway, you should assume that the hacker has already gathered much of the information they were looking for. By unplugging your system or deleting malicious files, you could be destroying evidence that will be key to discovering what has been taken, and how your system was breached. It’s far better to leave your system be and call an expert straight away.


Call an expert

This is the most important step to take in the event of a hack. If you have never used a cybersecurity consultancy firm before, and don’t employ in-house cybersecurity experts, then you need to conduct a search for a security expert as a matter of urgency.  To avoid this scenario, it is highly advisable for any organisation to find a trusted cybersecurity partner before a breach occurs. Having an expert on hand who is familiar with your system means that if the worst does happen, they will be able to act immediately to help you contain and analyse the attack. They can also help you discover the facts and take the right actions in the event of a ransomware demand.


Keep a record of events

As soon as you realise your system has been attacked, keep a record of every subsequent action taken – such as who has touched the system, and when. This log will help you keep track of your system, become a valuable resource for post-breach analysis, and will also help your organisation’s case in the event of any legal action.


Be transparent with your customers

Most organisations will worry about the reputational damage of disclosing a breach of sensitive data, but if your users’ data is out there, they not only deserve to be notified, but you could face legal action if you fail to do so. Once you have called in an expert, they will work to understand the scope of the attack, close the security holes that have caused a problem and review your compromised files. If it is likely that the breach contained personal information then, by law, this must be reported to the Information Commissioner’s Office within 72 hours. Failing to do so can lead to a fine of up to £8.7 million or 2% of your global turnover.



After an attack, it’s essential to submit your entire system to an extended security assessment. This can identify and fix any other vulnerabilities in your system to help protect your business from a repeat incident. The UK Government’s 2021 cybersecurity review found only 15% of businesses have conducted an audit of their cyber security vulnerabilities, and only 31% of businesses and 27% of charities have a business continuity plan that covers cybersecurity. Therefore, while cyber attacks are certainly on the rise – and it’s important to know how to respond to a breach – there is still a huge amount of scope for businesses work with the experts to improve their cybersecurity strategy and greatly reduce their risk of falling victim to any form of attack.